--- a/web/lib/Zend/Feed/Reader.php	Thu May 07 15:10:09 2015 +0200
+++ b/web/lib/Zend/Feed/Reader.php	Thu May 07 15:16:02 2015 +0200
@@ -14,9 +14,9 @@
  *
  * @category   Zend
  * @package    Zend_Feed_Reader
- * @copyright  Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
+ * @copyright  Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com)
  * @license    http://framework.zend.com/license/new-bsd     New BSD License
- * @version    $Id: Reader.php 25275 2013-03-06 09:55:33Z frosch $
+ * @version    $Id$
  */
 
 /**
@@ -39,10 +39,16 @@
  */
 require_once 'Zend/Feed/Reader/FeedSet.php';
 
+/** @see Zend_Xml_Security */
+require_once 'Zend/Xml/Security.php';
+
+/** @see Zend_Xml_Exception */
+require_once 'Zend/Xml/Exception.php';
+
 /**
  * @category   Zend
  * @package    Zend_Feed_Reader
- * @copyright  Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
+ * @copyright  Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com)
  * @license    http://framework.zend.com/license/new-bsd     New BSD License
  */
 class Zend_Feed_Reader
@@ -326,29 +332,23 @@
     }
 
     /**
-     * Import a feed froma string
+     * Import a feed from a string
      *
      * @param  string $string
      * @return Zend_Feed_Reader_FeedInterface
      */
     public static function importString($string)
     {
-        $libxml_errflag = libxml_use_internal_errors(true);
-        $oldValue = libxml_disable_entity_loader(true);
         $dom = new DOMDocument;
-        $status = $dom->loadXML($string);
-        foreach ($dom->childNodes as $child) {
-            if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) {
-                require_once 'Zend/Feed/Exception.php';
-                throw new Zend_Feed_Exception(
-                    'Invalid XML: Detected use of illegal DOCTYPE'
-                );
-            }
+        try {
+            $dom = Zend_Xml_Security::scan($string, $dom);        
+        } catch (Zend_Xml_Exception $e) {    
+            require_once 'Zend/Feed/Exception.php';
+            throw new Zend_Feed_Exception(
+                $e->getMessage()
+            );
         }
-        libxml_disable_entity_loader($oldValue);
-        libxml_use_internal_errors($libxml_errflag);
-
-        if (!$status) {
+        if (!$dom) {
             // Build error message
             $error = libxml_get_last_error();
             if ($error && $error->message) {
@@ -455,20 +455,19 @@
             $dom = $feed;
         } elseif(is_string($feed) && !empty($feed)) {
             @ini_set('track_errors', 1);
-            $oldValue = libxml_disable_entity_loader(true);
+            //$oldValue = libxml_disable_entity_loader(true);
             $dom = new DOMDocument;
-            $status = @$dom->loadXML($feed);
-            foreach ($dom->childNodes as $child) {
-                if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) {
-                    require_once 'Zend/Feed/Exception.php';
-                    throw new Zend_Feed_Exception(
-                        'Invalid XML: Detected use of illegal DOCTYPE'
-                    );
-                }
+            try {
+                $dom = Zend_Xml_Security::scan($feed, $dom);
+            } catch (Zend_Xml_Exception $e) {
+                require_once 'Zend/Feed/Exception.php';
+                throw new Zend_Feed_Exception(
+                    $e->getMessage()
+                );
             }
-            libxml_disable_entity_loader($oldValue);
+            //libxml_disable_entity_loader($oldValue);
             @ini_restore('track_errors');
-            if (!$status) {
+            if (!$dom) {
                 if (!isset($php_errormsg)) {
                     if (function_exists('xdebug_is_enabled')) {
                         $php_errormsg = '(error message not available, when XDebug is running)';